package com.zzj.security.jwt.config.security.service;

import com.zzj.security.jwt.entity.SysRole;
import com.zzj.security.jwt.entity.SysUser;
import com.zzj.security.jwt.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.ArrayList;
import java.util.List;

/**
 * 用户认证
 */
@Component("userDetailsService")
public class CustomizeUserDetailsService implements UserDetailsService {

    @Autowired
    private SysUserService sysUserService;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        // 用户名为空
        if (StringUtils.isEmpty(username)) {
            throw new UsernameNotFoundException("用户不存在");
        }
        SysUser sysUserDb = sysUserService.findByUsername(username);
        //用户不存在
        if (sysUserDb == null) {
            throw new UsernameNotFoundException("用户不存在");
        }
        //用户存在, 获取角色（权限）列表
        Long id = sysUserDb.getId();

        //List<SysPermission> permissions = sysPermissionService.findListByUserId(id);
        //List<SysRole> roles = sysRoleService.findRolesByUserId(id); // 查询到用户的所有角色权限
        List<SysRole> roles = sysUserDb.getRoleList();
        /*
         * 定义一个集合用于保存org.springframework.security.core.GrantedAuthority接口或子实现类的
         * Collection<? extends GrantedAuthority> authorities集合
         *
         * Collection<? extends GrantedAuthority> authorities是用户的角色的集合
         * */
        List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();

        /*
         * 遍历用户的所有角色,增加到Collection<? extends GrantedAuthority> authorities集合中
         * 角色加入 authorities 集合中，添加前缀 ROLE_ 这样 hasRole hasAnyRoles 可以访问（ hasRole(ROLE_admin) 或 hasRole(admin) 均可）
         * */
        for (SysRole sysRole : roles) {
            String roleCode = sysRole.getRoleCode();//获取权限英文代号
            if (!StringUtils.isEmpty(roleCode)) {
                authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));
            }
        }
        /**
         * 再遍历用户的所有权限，增加到Collection<? extends GrantedAuthority> authorities集合中，不需要加 prefix "ROLE_"
         */

        /*
         * 封装返回org.springframework.security.core.userdetails.User的UserDetails子对象
         * User(String username,String password,Collection<? extends GrantedAuthority> authorities)
         *
         * com.zeng.boot.web.configuration.CustomizingSpringSceurityConfiguration 中使用了加密技术,如下
         * auth.userDetailsService(customUserService).passwordEncoder(new BCryptPasswordEncoder());使用了加密
         *
         * 此处要对用户的密码进行加密,如何数据库已经加密了就不需要再加密
         *
         * */
        User user = new User(sysUserDb.getUsername(), sysUserDb.getPassword(), authorities);
//        String password = new BCryptPasswordEncoder().encode(sysUserDb.getPassword());//对密码进行加密

//        User userDetail = null;//封闭返回的UserDetails的子类
////        userDetail = new User(sysUserDb.getGlobalId(),sysUserDb.getPassword(),authorities);
//        //userDetail = new User(sysUserDb.getUsername(),sysUserDb.getPassword(),authorities);
//
//        userDetail = new User(sysUserDb.getUsername(),sysUserDb.getPassword(),
//                sysUserDb.getEnabled(),
//                sysUserDb.getNotExpired(),
//                sysUserDb.getCredentialsNotExpired(),
//                sysUserDb.getAccountNotLocked(),
//                authorities);

        return user;
    }

}
